Active Directory
The Consequences of Password Reuse
Mark Zuckerberg’s Infamous Credential Stuffing Breach Even the most tech-savvy and security-conscious individuals can fall prey to simple mistakes. A striking example came when Facebook CEO Mark Zuckerberg, someone we would expect ...
Beyond Free Breach-Check Tools
Why Enzoic Delivers Enterprise-Grade Continuous Credential Monitoring Helpful for Individuals, Not Enough for Enterprises In recent years, free services like Have I Been Pwned (HIBP) have helped raise awareness around the dangers ...
Password Hashing: What Cyber Pros Need to Know
Password hashing is the process of converting a plain-text password into a fixed-length string of characters (called a hash) using a one-way cryptographic algorithm​.  ...
Guidepoint Security & Enzoic: Taking on the Password Problem
Compromised passwords remain one of the most common—and preventable—ways attackers gain access to systems. Despite advancements in security tools, weak and reused credentials still leave organizations wide open to phishing, credential stuffing, ...
The Renaissance of NTLM Relay Attacks: Everything You Need to Know
NTLM relay attacks have been around for a long time. While many security practitioners think NTLM relay is a solved problem, or at least a not-so-severe one, it is, in fact, alive ...
Two-Factor Authentication (2FA) vs. Multi-Factor Authentication (MFA)
How authentication works, the difference between 2FA and MFA, and the various types of secondary authentication factors ...
Getting Started with BHE — Part 2
Getting Started with BHE — Part 2Contextualizing Tier ZeroTL;DRAn accurately defined Tier Zero provides an accurate depiction of Attack Path Findings in your BHE tenant.Different principals (groups, GPOs, OUs, etc.) have different implications when Tier Zero is ...
AD Lite Password Auditor Report: Key Insights and Data
2024 Enzoic AD Lite Password Auditor Report In an era where cyber threats continue to evolve, password security remains one of the most critical yet often overlooked components of an organization’s security ...
Getting Started with BHE — Part 1
Getting Started with BHE — Part 1Understanding Collection, Permissions, and Visibility of Your EnvironmentTL;DRAttack Path visibility is dependent upon scope of collection; complete collection is dependent upon appropriate permissions.Your collection strategy benefits from tiering just ...
Decrypting the Forest From the Trees
TL;DR: SCCM forest discovery accounts can be decrypted including accounts used for managing untrusted forests. If the site server is a managed client, service account credentials can be decrypted via the Administration ...
